Seems the same issue - Relayd: cannot access bridge via ethernet
Unfortunately on today's build LEDE Reboot SNAPSHOT r2028+1013-9bd874c / LuCI Master (git-17.017.13638-9b7a5a4) still the same.I have DHCP disabled on Repeater and it seems it's not forwarding DHCP requests to the master AP. When I enable DHCP even on repeater, it works but this it not intended. Any thoughts please on why does it works on r2028+637 but not on the latest version with absolutely the same config ? I can force rebuild from scratch but if I'm not alone, maybe it's waste of time.
On LEDE Reboot SNAPSHOT r3012+48-b367eef (fully clean build ) still the same.
Am I really alone with such issue ? It's a pity I can't investigate further as the fw images I'm using are full on given devices (low flash) without eg. tcpdump etc.
Am I really alone with such issue ? It's a pity I can't investigate further as
the fw images I'm using are full on given devices (low flash) without eg.
tcpdump etc.
I've run into what sounds like the same problem using openvpn, but haven't had
time to try debugging it yet.
David Lang
1 Like
Still the same on LEDE Reboot SNAPSHOT r3012+233-0d1b329 ;-(
Actually although I wrote it's DHCP packet forwarding, I do think the problem is somewhere else.
I also noticed that the packets between or let's say within bridged interface don't flow, eg. on wifi connected client I can't ping second AP (with IP static), but directly on the console it works...
Is there anything I can test ? I think it's worth to remove this bug from V17 final... if it's a bug but the same config works on my build from LEDE Reboot SNAPSHOT r2028+637-9acd90b but later builds it don't.
My config if that would help :
*** wireless ***
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11g'
option path 'pci0000:00/0000:00:00.0'
option htmode 'HT40'
option noscan '1'
option channel '11'
option country 'US'
option txpower '21'
config wifi-iface
option device 'radio0'
option mode 'sta'
option key 'password'
option network 'wwan'
option bssid '64:70:02:A4:E2:12'
option wds '1'
option encryption 'psk'
option ssid 'apwifi'
config wifi-iface
option device 'radio0'
option mode 'ap'
option network 'lan'
option encryption 'psk-mixed'
option key 'password'
option ssid 'apwifi'
*** dhcp ***
config dnsmasq
option boguspriv '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
config dhcp 'lan'
option interface 'lan'
option ignore '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
*** network ***
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fda6:caad:273f::/48'
config interface 'lan'
option ifname 'eth0'
option force_link '1'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '10.11.0.2'
option delegate '0'
option stp '1'
option dns '10.11.0.1 8.8.8.8'
option gateway '10.11.0.1'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 3 4'
config interface 'wwan'
option proto 'dhcp'
option delegate '0'
config interface 'stabridge'
option proto 'relay'
list network 'lan'
list network 'wwan'
option ipaddr '10.11.0.90'
option delegate '0'
*** firewall ***
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan stabridge wwan'
config zone
option name 'wan'
option output 'ACCEPT'
option masq '1'
option mtu_fix '1'
option input 'REJECT'
option forward 'REJECT'
option network 'wan wan6'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config rule
option target 'ACCEPT'
option proto 'tcp'
option dest_port '80'
option name 'Openwrt'
option dest_ip '10.11.0.2'
option src '*'
config redirect
option target 'DNAT'
option dest 'lan'
option proto 'tcp'
option src_dport '80'
option dest_ip '10.11.0.2'
option dest_port '80'
option name 'Openwrt'
option src 'lan'
option enabled '0'
config redirect
option target 'DNAT'
option dest 'lan'
option proto 'tcp'
option src_dport '80'
option dest_ip '10.11.0.90'
option dest_port '80'
option name 'Openwrt_90'
option src 'lan'
option enabled '0'
config rule
option target 'ACCEPT'
option proto 'tcp'
option dest_port '80'
option name 'Openwrt_90'
option src '*'
option dest_ip '10.11.0.90'I have a similar problem with relayd.
I use a router Gl-inet GL-MT300A. Config file is similar to the above.
I tried the following firmware versions: OpenWRT 15.05, 15.05.1, trunk; LEDE latest trunk, 17.0.1.0-rc2. relayd does not work on any of the following firmware versions.
The router has access to the Internet, but does not assign IP for clients WIFI. 
I have created issue entry - https://bugs.lede-project.org/index.php?do=details&task_id=525&order=dateopened&sort=desc
If anyone is facing this problem, please vote.
Thank you.
The same error situation with my archer c7 V2. I have a old LEDE r2159 firmware with relayd, which is working fine. Today a have given a new try, without a success. My wifi clients getting only "IP-adress obtaining". IPV6 is working fine.
I have done additional tests.
Relayd is not started at bootup !!
If you start the process, all is fine.
/etc/init.d/relayd enable does not work !!
/etc/init.d/relayd start fix the problem until next boot.
1 Like
Indeed, it works ! Very nice finding @Rampler 
I put to startup manual entry as a temporary workaround (with delay - it wasn't working without) until fixed...
sleep 10
/etc/init.d/relayd start
exit 0
Unfortunately, that does not help on my Gl-Net GL-MT300A.
Even if relayd running, wifi clients as before can not get IP. On the main router in the syslog many strings
Wed Feb 22 05:59:40 2017 daemon.info dnsmasq-dhcp[9277]: DHCPOFFER(br-lan)
Wed Feb 22 05:59:44 2017 daemon.info dnsmasq-dhcp[9277]: DHCPDISCOVER(br-lan)
...
BUGS:
- relayd not started at bootup
- If relayd running, if you exec /etc/init.d/network restart. Relayd stopped, not start (missing in running processes)
- Even if relayed is running, wifi clients can not get IP. The same configuration is successfully worked in the Xiaomi Mi Mini on the latest OpenWRT trunk
Wed Feb 22 05:59:40 2017 daemon.info dnsmasq-dhcp[9277]: DHCPOFFER(br-lan)
Wed Feb 22 05:59:44 2017 daemon.info dnsmasq-dhcp[9277]: DHCPDISCOVER(br-lan)
It seems, you forgot to disable the local dhcp. This messages occur only, if you have dhcp running.
You clients should be served from the main router with adressess.
Local DHCP is disabled.
config dhcp 'lan'
option interface 'lan'
option ra 'server'
option ignore '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
A similar configuration is successfully working on Xiaomi Mi Mini (OpenWRT trunk), TP-Link MR3020 (OpenWRT 12.09).
Have you disabled DHCP for accespoint also ?
Maybe you show your config here ..
OK. thanks for your reply.
Router Gl-Net GL-MT300A (Firmware: Lede trunk) connected via WIFI as client WIFI to the main router TP-Link WDR7500 (Firmware: Lede 17.01.0), access point: WF1.
The router TP-Link WDR7500 acts as a DHCP server. It is not installed relayd, because not needed. WPS is disabled, it is is necessary via relayd.
On the router Gl-Net GL-MT300A disabled local DHCP, installed relayd. Relayd exists in the list of running processes. Created WIFI access point (WF2). If you try to connect to the access point WF2 (Gl-Net GL-MT300A), then the IP is not allocated. Unable to connect.
On the main router (TP-Link WDR7500) in log many messages:
Fri Feb 24, 2017 9:42:02 daemon.info dnsmasq-dhcp [1609]: DHCPDISCOVER (br-lan)
Fri Feb 24, 2017 9:42:02 daemon.info dnsmasq-dhcp [1609]: DHCPOFFER (br-lan)
Fri Feb 24, 2017 9:42:07 daemon.info dnsmasq-dhcp [1609]: DHCPDISCOVER (br-lan)
Fri Feb 24, 2017 9:42:07 daemon.info dnsmasq-dhcp [1609]: DHCPOFFER (br-lan)
Configs main router (TP-Link WDR7500)
[details=TP-Link WDR7500]
dhcp
config dnsmasq
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option local '/loc/'
option domain 'loc'
option domainneeded '1'
option expandhosts '1'
option nonegcache '1'
option localise_queries '1'
option strictorder '1'
option rebind_protection '1'
option rebind_localhost '1'
option dnsforwardmax '1000'
list server '8.8.8.8'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
list dhcp_option '252,"\n"'
option ra 'server'
option ra_management '1'
option dhcpv6 'disabled'
config dhcp 'wan'
option interface 'wan'
option ignore '1'config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
config host
option name 'GlInet'
option mac 'xxx'
option ip '192.168.0.116'
network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'xxx'config interface 'lan'
option ifname 'eth1'
option force_link '1'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.0.1'
option _orig_ifname 'eth1 wlan0 wlan1'
option _orig_bridge 'true'config interface 'wan'
option ifname 'eth0'
option _orig_ifname 'eth0'
option _orig_bridge 'false'
option proto 'pppoe'
option username 'xxx'
option password 'xxx'
option mtu '1480'
option peerdns '0'
config interface 'wan6'
option ifname 'eth0'
option _orig_ifname 'eth0'
option proto 'dhcpv6'
option _orig_bridge 'false'
option peerdns '0'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '2 3 4 5 0'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '1 6'
wireless
config wifi-device 'radio1'
option type 'mac80211'
option channel '11'
option path 'platform/qca955x_wmac'
option hwmode '11g'
option disabled '0'
option txpower '24'
option noscan '1'
option ar '1'
option bursting '1'
option ff '1'
option compression '1'
option distance '20'
option country 'US'
option htmode 'HT40-'
option frag '2346'
option rts '2347'
config wifi-iface 'default_radio1'
option hidden '0'
option device 'radio1'
option ssid 'WF1'
option key '12345'
option encryption 'psk2+ccmp'
option disabled '0'
option mode 'ap'
option network 'lan'
option wpa_group_rekey '7200'
option disassoc_low_ack '0'
firewall
config defaults
option syn_flood '1'
option input 'DROP'
option output 'DROP'
option forward 'DROP'
option drop_invalid '1'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'DROP'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'DROP'
option output 'ACCEPT'
option forward 'DROP'
option masq '1'
option mtu_fix '1'
config forwarding
option src lan
option dest wan[/details]
Configs for router as client WIFI (Gl-Net GL-MT300A)
[details=Gl-Net GL-MT300A]
dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
option local '/lan/'
option domain 'lan'
option nonegcache '1'
list rebind_domain 'loc'
option nonwildcard '0'config dhcp 'lan'
option interface 'lan'
option ra 'server'
option ignore '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'config dhcp 'wwan'
option interface 'wwan'
option ignore '1'config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'xxx'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ip6assign '60'
option ipaddr '192.168.5.1'
option netmask '255.255.255.0'
option gateway '192.168.0.1'
option dns '192.168.0.1'
config device 'lan_dev'
option name 'eth0.1'
option macaddr 'xxx'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
config device 'wan_dev'
option name 'eth0.2'
option macaddr 'xxx'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 6t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '0 6t'
config interface 'wwan'
option _orig_ifname 'wlan0'
option _orig_bridge 'false'
option proto 'static'
option ipaddr '192.168.0.116'
option gateway '192.168.0.1'
option dns '192.168.0.1'
option netmask '255.255.255.0'
config interface 'stabridge'
option proto 'relay'
option ipaddr '192.168.0.116'
list network 'lan'
list network 'wwan'
wireless
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11g'
option path 'platform/10180000.wmac'
option channel '11'
option txpower '20'
option country '00'
option ar '1'
option bursting '1'
option ff '1'
option compression '1'
option distance '20'
option frag '2346'
option rts '2347'
option noscan '1'
option htmode 'HT20'
config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'sta'
option ssid 'WF1'
option encryption 'psk2+ccmp'
option key '12345'
option network 'wwan'
config wifi-iface 'default_radio1'
option device 'radio0'
option mode 'ap'
option network 'lan'
option encryption 'psk2+ccmp'
option key '12345'
option ssid 'WF2'
option wpa_group_rekey '7200'
firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option drop_invalid '0'
option forward 'ACCEPT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan wwan'
config zone
option name 'wan'
option input 'DROP'
option output 'ACCEPT'
option forward 'DROP'
option masq '1'
option mtu_fix '1'
option network 'wan wan6'
config forwarding
option src 'lan'
option dest 'wan'[/details]
The difference to my configuration is, that i have bridged LAN with WF2.
config wifi-iface 'default_radio1'
option device 'radio0'
option mode 'ap'
option network 'default_radio1 lan'
option encryption 'psk2+ccmp'
option key '12345'
option ssid 'WF2'
In GUI, i have build a bridge in LAN Interface (under physical settings) with LAN and WF2.
Hope this helps...
Looks like that this devices are useless:
config device 'lan_dev'
option name 'eth0.1'
option macaddr 'xxx'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
config device 'wan_dev'
option name 'eth0.2'
option macaddr 'xxx'
In fact, it worked only 1 time. After flashing Lede 17.01.0 it does not work, also tried last trunk 2017.02.24. Most likely in it blame router Gl-Net GL-MT300A. As I wrote the other routers successfully work with this configuration.
Also I tried this config.
network
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option _orig_ifname 'eth0.1 wlan0-1'
option proto 'static'
option ip6assign '60'
option ipaddr '192.168.5.1'
option netmask '255.255.255.0'
option gateway '192.168.0.1'
option dns '192.168.0.1'
A fix :
https://git.lede-project.org/?p=source.git;a=commit;h=699976e61d513e0509af1e614e0fdc807f6b66cb
https://git.lede-project.org/?p=source.git;a=commit;h=699eedace08b54b0bb4592b88573314604c4c0f6
fixing https://bugs.lede-project.org/index.php?do=details&task_id=541 and https://bugs.lede-project.org/index.php?do=details&task_id=525
Thanks to @yousong
For a momtent I think that the problem was the wds='1' in my configurations I use, or WDS: https://gist.github.com/braian87b/8a524a8ad74a36407a8f481e9d16a5c9
or RelayD and IGMPProxy with: https://gist.github.com/braian87b/821e9e4f399918510c55619192a31871
but I think that both at the same time will be problematic...